CVE-2007-0104
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
La especificación de Adobe PDF versión 1.3, implementada por (a) xpdf versión 3.0.1 parche 2, (b) kpdf en KDE anterior a versión 3.5.5, (c) poppler anterior a versión 0.5.4, y otros productos, permite a los atacantes remotos tener un impacto desconocido, posiblemente incluyendo la denegación de servicio (bucle infinito), ejecución de código arbitraria, o corrupción de memoria , por medio de un archivo PDF con un (1) diccionario de catálogo creado o (2) un atributo Pages creado que hace referencia a un nodo de árbol de páginas no válido.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-01-08 CVE Reserved
- 2007-01-09 CVE Published
- 2023-12-20 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (34)
URL | Tag | Source |
---|---|---|
http://docs.info.apple.com/article.html?artnum=305214 | X_refsource_confirm | |
http://projects.info-pull.com/moab/MOAB-06-01-2007.html | X_refsource_misc | |
http://secunia.com/advisories/23791 | Third Party Advisory | |
http://securitytracker.com/id?1017514 | Vdb Entry | |
http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html | X_refsource_confirm | |
http://www.kde.org/info/security/advisory-20070115-1.txt | X_refsource_confirm | |
http://www.securityfocus.com/archive/1/457055/100/0/threaded | Mailing List | |
http://www.securitytracker.com/id?1017749 | Vdb Entry | |
http://www.us-cert.gov/cas/techalerts/TA07-072A.html | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 | Vdb Entry | |
https://issues.rpath.com/browse/RPL-964 | X_refsource_confirm |
URL | Date | SRC |
---|---|---|
http://www.securityfocus.com/bid/21910 | 2024-08-07 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xpdf Search vendor "Xpdf" | Xpdf Search vendor "Xpdf" for product "Xpdf" | 3.0 Search vendor "Xpdf" for product "Xpdf" and version "3.0" | - |
Affected
| ||||||
Xpdf Search vendor "Xpdf" | Xpdf Search vendor "Xpdf" for product "Xpdf" | 3.0.1 Search vendor "Xpdf" for product "Xpdf" and version "3.0.1" | - |
Affected
| ||||||
Xpdf Search vendor "Xpdf" | Xpdf Search vendor "Xpdf" for product "Xpdf" | 3.0.1_pl1 Search vendor "Xpdf" for product "Xpdf" and version "3.0.1_pl1" | - |
Affected
| ||||||
Xpdf Search vendor "Xpdf" | Xpdf Search vendor "Xpdf" for product "Xpdf" | 3.0.1_pl2 Search vendor "Xpdf" for product "Xpdf" and version "3.0.1_pl2" | - |
Affected
| ||||||
Xpdf Search vendor "Xpdf" | Xpdf Search vendor "Xpdf" for product "Xpdf" | 3.0_pl2 Search vendor "Xpdf" for product "Xpdf" and version "3.0_pl2" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.2 Search vendor "Kde" for product "Kde" and version "3.2" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.2.1 Search vendor "Kde" for product "Kde" and version "3.2.1" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.2.2 Search vendor "Kde" for product "Kde" and version "3.2.2" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.2.3 Search vendor "Kde" for product "Kde" and version "3.2.3" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.3 Search vendor "Kde" for product "Kde" and version "3.3" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.3.1 Search vendor "Kde" for product "Kde" and version "3.3.1" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.3.2 Search vendor "Kde" for product "Kde" and version "3.3.2" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.4 Search vendor "Kde" for product "Kde" and version "3.4" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.4.1 Search vendor "Kde" for product "Kde" and version "3.4.1" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.4.2 Search vendor "Kde" for product "Kde" and version "3.4.2" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.4.3 Search vendor "Kde" for product "Kde" and version "3.4.3" | - |
Affected
| ||||||
Kde Search vendor "Kde" | Kde Search vendor "Kde" for product "Kde" | 3.5 Search vendor "Kde" for product "Kde" and version "3.5" | - |
Affected
|